Vulnerabilities > Oracle > Application Server WEB Cache
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-07-03 | CVE-2002-0559 | Buffer Overflows vulnerability in Oracle 9iAS Apache PL/SQL Module Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name. | 7.5 |
2002-05-27 | CVE-2002-1641 | Remotely Exploitable Buffer Overflow vulnerability in Oracle Web Cache Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2002-03-25 | CVE-2002-0103 | Privilege Escalation vulnerability in Oracle Application Server web Cache 2.0.0.0/2.0.0.1/2.0.0.2 An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml. | 4.6 |
2002-03-25 | CVE-2002-0102 | Denial Of Service vulnerability in Oracle Application Server web Cache 2.0.0.0/2.0.0.1/2.0.0.2 Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters. | 5.0 |
2001-12-06 | CVE-2001-0836 | Unspecified vulnerability in Oracle Application Server web Cache 2.0.0.1 Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |